npipe icon indicating copy to clipboard operation
npipe copied to clipboard

Published 20 hours ago verified publisher icon natefinch

Writable pipe for an Elevated service?

Open precisionpete opened this issue 2 years ago • 1 comments
trafficstars

How do I create a named pipe from an elevated service that allows writing from a user space program?

The examples work fine if both ends are running as a user. But I need a user-space program to talk to a service running as the system account.

How do i set the permissions on the pipe?

precisionpete avatar Oct 27 '23 14:10 precisionpete

I think I figured it out using github.com/hectane/go-acl

import "github.com/hectane/go-acl"

func server() error {
	server, err := npipe.Listen(pipeName)
	if err != nil {
		return fmt.Errorf("error creating pipe listener: %w", err)
	}
	defer server.Close()

	err = acl.Apply(pipeName, true, false, acl.GrantName(windows.GENERIC_READ|windows.GENERIC_WRITE, "EVERYONE"))
	if err != nil {
		return fmt.Errorf("cannot set permissions on pipe: %w", err)
	}

	myService := new(MyService)
	rpc.Register(myService)

	fmt.Println("Named pipe server is waiting for connections...")

	for {
		conn, err := server.Accept()
		if err != nil {
			return fmt.Errorf("error accepting connection: %w", err)
		}

		go rpc.ServeConn(conn)
	}
}

precisionpete avatar Oct 27 '23 15:10 precisionpete